Black Hat vs White Hat

August 7, 2017 at 4:00 pm | Posted in Cyber Security, Musings

This blog is entirely my own opinion and is in no way tied to my employer.

Last week, news broke that the cyber security analyst who stopped the WannaCry cyber security incident in May had been arrested in Las Vegas while attending an ethical hacking conference. He was accused of, and charged with, having previously created a piece of banking malware that gained notoriety around 2014.

Now, in this case, as always, the presumption is innocent until proven guilty.

However, it does pose significant questions for those researchers who previously wore the “black hat”, facing off against the security industry, and later chose to go legitimate and become “white hats” in the security industry.

If there is a sword of Damocles hanging over them because of their past, then it raises a further question as to whether they would want to go legitimate.

It all boils down to the principles of Sun Tzu and the Art of War. How far are states willing to overlook past crimes for the greater good?

Sun Tzu says on spies, in chapter 13 of the Art of War:
“Having CONVERTED SPIES, getting hold of the enemy’s spies and using them for our own purposes.”

Converted spies are deemed the most useful by Sun Tzu, as they enable other spies to be brought in based on the knowledge of the converted spy.

A text that is thousands of years old still has relevance today, and in the cyber security industry chapter 13 is especially relevant, as the knowledge of those researchers who were formerly on the other side of the battle is extremely valuable.

It is entirely possible that, regardless of whether the WannaCry researcher is guilty or not, the actions taken in the US have put off future black hats from becoming white hats, and that the knowledge they would have brought is now lost.
